@shware/http 1.2.0 → 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (208) hide show
  1. package/README.md +1 -3
  2. package/dist/__tests__/index.test.cjs +27 -0
  3. package/dist/__tests__/index.test.cjs.map +1 -0
  4. package/dist/__tests__/index.test.d.cts +2 -0
  5. package/dist/__tests__/index.test.d.ts +2 -0
  6. package/dist/__tests__/index.test.mjs +25 -0
  7. package/dist/__tests__/index.test.mjs.map +1 -0
  8. package/dist/cache/index.cjs +32 -0
  9. package/dist/cache/index.cjs.map +1 -0
  10. package/dist/cache/index.d.cts +9 -0
  11. package/dist/cache/index.d.ts +9 -0
  12. package/dist/cache/index.mjs +7 -0
  13. package/dist/cache/index.mjs.map +1 -0
  14. package/dist/error/detail.cjs +93 -0
  15. package/dist/error/detail.cjs.map +1 -0
  16. package/dist/error/detail.d.cts +99 -0
  17. package/dist/error/detail.d.ts +99 -0
  18. package/dist/error/detail.mjs +67 -0
  19. package/dist/error/detail.mjs.map +1 -0
  20. package/dist/error/i18n/en-us.cjs +31 -0
  21. package/dist/error/i18n/en-us.cjs.map +1 -0
  22. package/dist/error/i18n/en-us.d.cts +3 -0
  23. package/dist/error/i18n/en-us.d.ts +3 -0
  24. package/dist/error/i18n/en-us.mjs +6 -0
  25. package/dist/error/i18n/en-us.mjs.map +1 -0
  26. package/dist/error/index.cjs +63 -0
  27. package/dist/error/index.cjs.map +1 -0
  28. package/dist/error/index.d.cts +19 -0
  29. package/dist/error/index.d.ts +19 -0
  30. package/dist/error/index.mjs +35 -0
  31. package/dist/error/index.mjs.map +1 -0
  32. package/dist/error/parse.cjs +52 -0
  33. package/dist/error/parse.cjs.map +1 -0
  34. package/dist/error/parse.d.cts +16 -0
  35. package/dist/error/parse.d.ts +16 -0
  36. package/dist/error/parse.mjs +27 -0
  37. package/dist/error/parse.mjs.map +1 -0
  38. package/dist/error/reason.cjs +19 -0
  39. package/dist/error/reason.cjs.map +1 -0
  40. package/dist/error/reason.d.cts +66 -0
  41. package/dist/error/reason.d.ts +66 -0
  42. package/dist/error/reason.mjs +1 -0
  43. package/dist/error/reason.mjs.map +1 -0
  44. package/dist/error/status.cjs +263 -0
  45. package/dist/error/status.cjs.map +1 -0
  46. package/dist/error/status.d.cts +69 -0
  47. package/dist/error/status.d.ts +69 -0
  48. package/dist/error/status.mjs +234 -0
  49. package/dist/error/status.mjs.map +1 -0
  50. package/dist/google-one-tap/index.cjs +51 -0
  51. package/dist/google-one-tap/index.cjs.map +1 -0
  52. package/dist/google-one-tap/index.d.cts +17 -0
  53. package/dist/google-one-tap/index.d.ts +17 -0
  54. package/dist/google-one-tap/index.mjs +26 -0
  55. package/dist/google-one-tap/index.mjs.map +1 -0
  56. package/dist/google-one-tap/types.cjs +19 -0
  57. package/dist/google-one-tap/types.cjs.map +1 -0
  58. package/dist/google-one-tap/types.d.cts +155 -0
  59. package/dist/google-one-tap/types.d.ts +155 -0
  60. package/dist/google-one-tap/types.mjs +1 -0
  61. package/dist/google-one-tap/types.mjs.map +1 -0
  62. package/dist/hono/__tests__/authorizer.test.cjs +483 -0
  63. package/dist/hono/__tests__/authorizer.test.cjs.map +1 -0
  64. package/dist/hono/__tests__/authorizer.test.d.cts +2 -0
  65. package/dist/hono/__tests__/authorizer.test.d.ts +2 -0
  66. package/dist/hono/__tests__/authorizer.test.mjs +481 -0
  67. package/dist/hono/__tests__/authorizer.test.mjs.map +1 -0
  68. package/dist/hono/__tests__/csrf.test.cjs +162 -0
  69. package/dist/hono/__tests__/csrf.test.cjs.map +1 -0
  70. package/dist/hono/__tests__/csrf.test.d.cts +2 -0
  71. package/dist/hono/__tests__/csrf.test.d.ts +2 -0
  72. package/dist/hono/__tests__/csrf.test.mjs +160 -0
  73. package/dist/hono/__tests__/csrf.test.mjs.map +1 -0
  74. package/dist/hono/authorizer.cjs +67 -0
  75. package/dist/hono/authorizer.cjs.map +1 -0
  76. package/dist/hono/authorizer.d.cts +18 -0
  77. package/dist/hono/authorizer.d.ts +18 -0
  78. package/dist/hono/authorizer.mjs +42 -0
  79. package/dist/hono/authorizer.mjs.map +1 -0
  80. package/dist/hono/csrf.cjs +95 -0
  81. package/dist/hono/csrf.cjs.map +1 -0
  82. package/dist/hono/csrf.d.cts +65 -0
  83. package/dist/hono/csrf.d.ts +65 -0
  84. package/dist/hono/csrf.mjs +70 -0
  85. package/dist/hono/csrf.mjs.map +1 -0
  86. package/dist/hono/geolocation.cjs +75 -0
  87. package/dist/hono/geolocation.cjs.map +1 -0
  88. package/dist/hono/geolocation.d.cts +17 -0
  89. package/dist/hono/geolocation.d.ts +17 -0
  90. package/dist/hono/geolocation.mjs +50 -0
  91. package/dist/hono/geolocation.mjs.map +1 -0
  92. package/dist/hono/handler.cjs +68 -0
  93. package/dist/hono/handler.cjs.map +1 -0
  94. package/dist/hono/handler.d.cts +13 -0
  95. package/dist/hono/handler.d.ts +13 -0
  96. package/dist/hono/handler.mjs +42 -0
  97. package/dist/hono/handler.mjs.map +1 -0
  98. package/dist/hono/index.cjs +45 -0
  99. package/dist/hono/index.cjs.map +1 -0
  100. package/dist/hono/index.d.cts +12 -0
  101. package/dist/hono/index.d.ts +12 -0
  102. package/dist/hono/index.mjs +15 -0
  103. package/dist/hono/index.mjs.map +1 -0
  104. package/dist/hono/validator.cjs +64 -0
  105. package/dist/hono/validator.cjs.map +1 -0
  106. package/dist/hono/validator.d.cts +28 -0
  107. package/dist/hono/validator.d.ts +28 -0
  108. package/dist/hono/validator.mjs +38 -0
  109. package/dist/hono/validator.mjs.map +1 -0
  110. package/dist/index-BnPgRQDl.d.cts +129 -0
  111. package/dist/index-BnPgRQDl.d.ts +129 -0
  112. package/dist/index.cjs +91 -0
  113. package/dist/index.cjs.map +1 -0
  114. package/dist/index.d.cts +18 -0
  115. package/dist/index.d.ts +18 -0
  116. package/dist/index.mjs +46 -0
  117. package/dist/index.mjs.map +1 -0
  118. package/dist/iso/iso_3601_1.cjs +292 -0
  119. package/dist/iso/iso_3601_1.cjs.map +1 -0
  120. package/dist/iso/iso_3601_1.d.cts +9 -0
  121. package/dist/iso/iso_3601_1.d.ts +9 -0
  122. package/dist/iso/iso_3601_1.mjs +267 -0
  123. package/dist/iso/iso_3601_1.mjs.map +1 -0
  124. package/dist/max-length/index.cjs +94 -0
  125. package/dist/max-length/index.cjs.map +1 -0
  126. package/dist/max-length/index.d.cts +1 -0
  127. package/dist/max-length/index.d.ts +1 -0
  128. package/dist/max-length/index.mjs +48 -0
  129. package/dist/max-length/index.mjs.map +1 -0
  130. package/dist/message.cjs +32 -0
  131. package/dist/message.cjs.map +1 -0
  132. package/dist/message.d.cts +3 -0
  133. package/dist/message.d.ts +3 -0
  134. package/dist/message.mjs +7 -0
  135. package/dist/message.mjs.map +1 -0
  136. package/dist/polyfills/index.cjs +7 -0
  137. package/dist/polyfills/index.cjs.map +1 -0
  138. package/dist/polyfills/index.d.cts +2 -0
  139. package/dist/polyfills/index.d.ts +2 -0
  140. package/dist/polyfills/index.mjs +5 -0
  141. package/dist/polyfills/index.mjs.map +1 -0
  142. package/dist/response.cjs +73 -0
  143. package/dist/response.cjs.map +1 -0
  144. package/dist/response.d.cts +65 -0
  145. package/dist/response.d.ts +65 -0
  146. package/dist/response.mjs +44 -0
  147. package/dist/response.mjs.map +1 -0
  148. package/dist/snowflake.cjs +75 -0
  149. package/dist/snowflake.cjs.map +1 -0
  150. package/dist/snowflake.d.cts +29 -0
  151. package/dist/snowflake.d.ts +29 -0
  152. package/dist/snowflake.mjs +49 -0
  153. package/dist/snowflake.mjs.map +1 -0
  154. package/dist/utils/__tests__/ip.test.cjs +38 -0
  155. package/dist/utils/__tests__/ip.test.cjs.map +1 -0
  156. package/dist/utils/__tests__/ip.test.d.cts +2 -0
  157. package/dist/utils/__tests__/ip.test.d.ts +2 -0
  158. package/dist/utils/__tests__/ip.test.mjs +36 -0
  159. package/dist/utils/__tests__/ip.test.mjs.map +1 -0
  160. package/dist/utils/invariant.cjs +37 -0
  161. package/dist/utils/invariant.cjs.map +1 -0
  162. package/dist/utils/invariant.d.cts +3 -0
  163. package/dist/utils/invariant.d.ts +3 -0
  164. package/dist/utils/invariant.mjs +12 -0
  165. package/dist/utils/invariant.mjs.map +1 -0
  166. package/dist/utils/ip.cjs +53 -0
  167. package/dist/utils/ip.cjs.map +1 -0
  168. package/dist/utils/ip.d.cts +3 -0
  169. package/dist/utils/ip.d.ts +3 -0
  170. package/dist/utils/ip.mjs +28 -0
  171. package/dist/utils/ip.mjs.map +1 -0
  172. package/dist/utils/promise.cjs +47 -0
  173. package/dist/utils/promise.cjs.map +1 -0
  174. package/dist/utils/promise.d.cts +3 -0
  175. package/dist/utils/promise.d.ts +3 -0
  176. package/dist/utils/promise.mjs +22 -0
  177. package/dist/utils/promise.mjs.map +1 -0
  178. package/dist/utils/string.cjs +33 -0
  179. package/dist/utils/string.cjs.map +1 -0
  180. package/dist/utils/string.d.cts +6 -0
  181. package/dist/utils/string.d.ts +6 -0
  182. package/dist/utils/string.mjs +8 -0
  183. package/dist/utils/string.mjs.map +1 -0
  184. package/dist/utils/timing.cjs +74 -0
  185. package/dist/utils/timing.cjs.map +1 -0
  186. package/dist/utils/timing.d.cts +13 -0
  187. package/dist/utils/timing.d.ts +13 -0
  188. package/dist/utils/timing.mjs +49 -0
  189. package/dist/utils/timing.mjs.map +1 -0
  190. package/dist/utils/token-bucket.cjs +73 -0
  191. package/dist/utils/token-bucket.cjs.map +1 -0
  192. package/dist/utils/token-bucket.d.cts +20 -0
  193. package/dist/utils/token-bucket.d.ts +20 -0
  194. package/dist/utils/token-bucket.mjs +48 -0
  195. package/dist/utils/token-bucket.mjs.map +1 -0
  196. package/dist/vaild.cjs +51 -0
  197. package/dist/vaild.cjs.map +1 -0
  198. package/dist/vaild.d.cts +13 -0
  199. package/dist/vaild.d.ts +13 -0
  200. package/dist/vaild.mjs +26 -0
  201. package/dist/vaild.mjs.map +1 -0
  202. package/dist/webhook/index.cjs +77 -0
  203. package/dist/webhook/index.cjs.map +1 -0
  204. package/dist/webhook/index.d.cts +10 -0
  205. package/dist/webhook/index.d.ts +10 -0
  206. package/dist/webhook/index.mjs +52 -0
  207. package/dist/webhook/index.mjs.map +1 -0
  208. package/package.json +1 -1
package/dist/vaild.cjs ADDED
@@ -0,0 +1,51 @@
1
+ "use strict";
2
+ var __defProp = Object.defineProperty;
3
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
+ var __getOwnPropNames = Object.getOwnPropertyNames;
5
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
6
+ var __export = (target, all) => {
7
+ for (var name in all)
8
+ __defProp(target, name, { get: all[name], enumerable: true });
9
+ };
10
+ var __copyProps = (to, from, except, desc) => {
11
+ if (from && typeof from === "object" || typeof from === "function") {
12
+ for (let key of __getOwnPropNames(from))
13
+ if (!__hasOwnProp.call(to, key) && key !== except)
14
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
15
+ }
16
+ return to;
17
+ };
18
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
19
+
20
+ // src/vaild.ts
21
+ var vaild_exports = {};
22
+ __export(vaild_exports, {
23
+ valid: () => valid
24
+ });
25
+ module.exports = __toCommonJS(vaild_exports);
26
+ var import_detail = require("./error/detail.cjs");
27
+ var import_status = require("./error/status.cjs");
28
+ async function getTarget(request, target) {
29
+ switch (target) {
30
+ case "json":
31
+ return request.json();
32
+ default:
33
+ throw new Error(`Unsupported target: ${target}`);
34
+ }
35
+ }
36
+ async function valid(request, target, schema) {
37
+ const value = await getTarget(request, target);
38
+ const validator = await schema.safeParseAsync(value);
39
+ if (validator.success) return { data: validator.data, error: null };
40
+ const fieldViolations = validator.error.issues.map(
41
+ ({ path, message }) => ({ field: path.join("."), description: message })
42
+ );
43
+ const details = import_detail.Details.new().badRequest({ fieldViolations });
44
+ const error = import_status.Status.invalidArgument().response(details);
45
+ return { data: null, error };
46
+ }
47
+ // Annotate the CommonJS export names for ESM import in node:
48
+ 0 && (module.exports = {
49
+ valid
50
+ });
51
+ //# sourceMappingURL=vaild.cjs.map
package/dist/vaild.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/vaild.ts"],"sourcesContent":["import { BadRequest, Details } from './error/detail';\nimport { Status } from './error/status';\nimport type { ZodMiniType, z } from 'zod/mini';\n\nexport type Result<S extends ZodMiniType> =\n | { data: z.infer<S>; error: null }\n | { data: null; error: Response };\n\ntype Target = 'json' | 'form' | 'query' | 'param' | 'header' | 'cookie';\n\nasync function getTarget(request: Request, target: Target): Promise<unknown> {\n switch (target) {\n case 'json':\n return request.json();\n default:\n throw new Error(`Unsupported target: ${target}`);\n }\n}\n\nexport async function valid<S extends ZodMiniType>(\n request: Request,\n target: Target,\n schema: S\n): Promise<Result<S>> {\n const value = await getTarget(request, target);\n const validator = await schema.safeParseAsync(value);\n if (validator.success) return { data: validator.data, error: null };\n const fieldViolations: BadRequest['fieldViolations'] = validator.error.issues.map(\n ({ path, message }) => ({ field: path.join('.'), description: message })\n );\n const details = Details.new().badRequest({ fieldViolations });\n const error = Status.invalidArgument().response(details);\n return { data: null, error };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAAoC;AACpC,oBAAuB;AASvB,eAAe,UAAU,SAAkB,QAAkC;AAC3E,UAAQ,QAAQ;AAAA,IACd,KAAK;AACH,aAAO,QAAQ,KAAK;AAAA,IACtB;AACE,YAAM,IAAI,MAAM,uBAAuB,MAAM,EAAE;AAAA,EACnD;AACF;AAEA,eAAsB,MACpB,SACA,QACA,QACoB;AACpB,QAAM,QAAQ,MAAM,UAAU,SAAS,MAAM;AAC7C,QAAM,YAAY,MAAM,OAAO,eAAe,KAAK;AACnD,MAAI,UAAU,QAAS,QAAO,EAAE,MAAM,UAAU,MAAM,OAAO,KAAK;AAClE,QAAM,kBAAiD,UAAU,MAAM,OAAO;AAAA,IAC5E,CAAC,EAAE,MAAM,QAAQ,OAAO,EAAE,OAAO,KAAK,KAAK,GAAG,GAAG,aAAa,QAAQ;AAAA,EACxE;AACA,QAAM,UAAU,sBAAQ,IAAI,EAAE,WAAW,EAAE,gBAAgB,CAAC;AAC5D,QAAM,QAAQ,qBAAO,gBAAgB,EAAE,SAAS,OAAO;AACvD,SAAO,EAAE,MAAM,MAAM,MAAM;AAC7B;","names":[]}
package/dist/vaild.d.cts ADDED
@@ -0,0 +1,13 @@
1
+ import { ZodMiniType, z } from 'zod/mini';
2
+
3
+ type Result<S extends ZodMiniType> = {
4
+ data: z.infer<S>;
5
+ error: null;
6
+ } | {
7
+ data: null;
8
+ error: Response;
9
+ };
10
+ type Target = 'json' | 'form' | 'query' | 'param' | 'header' | 'cookie';
11
+ declare function valid<S extends ZodMiniType>(request: Request, target: Target, schema: S): Promise<Result<S>>;
12
+
13
+ export { type Result, valid };
package/dist/vaild.d.ts ADDED
@@ -0,0 +1,13 @@
1
+ import { ZodMiniType, z } from 'zod/mini';
2
+
3
+ type Result<S extends ZodMiniType> = {
4
+ data: z.infer<S>;
5
+ error: null;
6
+ } | {
7
+ data: null;
8
+ error: Response;
9
+ };
10
+ type Target = 'json' | 'form' | 'query' | 'param' | 'header' | 'cookie';
11
+ declare function valid<S extends ZodMiniType>(request: Request, target: Target, schema: S): Promise<Result<S>>;
12
+
13
+ export { type Result, valid };
package/dist/vaild.mjs ADDED
@@ -0,0 +1,26 @@
1
+ // src/vaild.ts
2
+ import { Details } from "./error/detail.mjs";
3
+ import { Status } from "./error/status.mjs";
4
+ async function getTarget(request, target) {
5
+ switch (target) {
6
+ case "json":
7
+ return request.json();
8
+ default:
9
+ throw new Error(`Unsupported target: ${target}`);
10
+ }
11
+ }
12
+ async function valid(request, target, schema) {
13
+ const value = await getTarget(request, target);
14
+ const validator = await schema.safeParseAsync(value);
15
+ if (validator.success) return { data: validator.data, error: null };
16
+ const fieldViolations = validator.error.issues.map(
17
+ ({ path, message }) => ({ field: path.join("."), description: message })
18
+ );
19
+ const details = Details.new().badRequest({ fieldViolations });
20
+ const error = Status.invalidArgument().response(details);
21
+ return { data: null, error };
22
+ }
23
+ export {
24
+ valid
25
+ };
26
+ //# sourceMappingURL=vaild.mjs.map
package/dist/vaild.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/vaild.ts"],"sourcesContent":["import { BadRequest, Details } from './error/detail';\nimport { Status } from './error/status';\nimport type { ZodMiniType, z } from 'zod/mini';\n\nexport type Result<S extends ZodMiniType> =\n | { data: z.infer<S>; error: null }\n | { data: null; error: Response };\n\ntype Target = 'json' | 'form' | 'query' | 'param' | 'header' | 'cookie';\n\nasync function getTarget(request: Request, target: Target): Promise<unknown> {\n switch (target) {\n case 'json':\n return request.json();\n default:\n throw new Error(`Unsupported target: ${target}`);\n }\n}\n\nexport async function valid<S extends ZodMiniType>(\n request: Request,\n target: Target,\n schema: S\n): Promise<Result<S>> {\n const value = await getTarget(request, target);\n const validator = await schema.safeParseAsync(value);\n if (validator.success) return { data: validator.data, error: null };\n const fieldViolations: BadRequest['fieldViolations'] = validator.error.issues.map(\n ({ path, message }) => ({ field: path.join('.'), description: message })\n );\n const details = Details.new().badRequest({ fieldViolations });\n const error = Status.invalidArgument().response(details);\n return { data: null, error };\n}\n"],"mappings":";AAAA,SAAqB,eAAe;AACpC,SAAS,cAAc;AASvB,eAAe,UAAU,SAAkB,QAAkC;AAC3E,UAAQ,QAAQ;AAAA,IACd,KAAK;AACH,aAAO,QAAQ,KAAK;AAAA,IACtB;AACE,YAAM,IAAI,MAAM,uBAAuB,MAAM,EAAE;AAAA,EACnD;AACF;AAEA,eAAsB,MACpB,SACA,QACA,QACoB;AACpB,QAAM,QAAQ,MAAM,UAAU,SAAS,MAAM;AAC7C,QAAM,YAAY,MAAM,OAAO,eAAe,KAAK;AACnD,MAAI,UAAU,QAAS,QAAO,EAAE,MAAM,UAAU,MAAM,OAAO,KAAK;AAClE,QAAM,kBAAiD,UAAU,MAAM,OAAO;AAAA,IAC5E,CAAC,EAAE,MAAM,QAAQ,OAAO,EAAE,OAAO,KAAK,KAAK,GAAG,GAAG,aAAa,QAAQ;AAAA,EACxE;AACA,QAAM,UAAU,QAAQ,IAAI,EAAE,WAAW,EAAE,gBAAgB,CAAC;AAC5D,QAAM,QAAQ,OAAO,gBAAgB,EAAE,SAAS,OAAO;AACvD,SAAO,EAAE,MAAM,MAAM,MAAM;AAC7B;","names":[]}
package/dist/webhook/index.cjs ADDED
@@ -0,0 +1,77 @@
1
+ "use strict";
2
+ var __defProp = Object.defineProperty;
3
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
+ var __getOwnPropNames = Object.getOwnPropertyNames;
5
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
6
+ var __export = (target, all) => {
7
+ for (var name in all)
8
+ __defProp(target, name, { get: all[name], enumerable: true });
9
+ };
10
+ var __copyProps = (to, from, except, desc) => {
11
+ if (from && typeof from === "object" || typeof from === "function") {
12
+ for (let key of __getOwnPropNames(from))
13
+ if (!__hasOwnProp.call(to, key) && key !== except)
14
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
15
+ }
16
+ return to;
17
+ };
18
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
19
+
20
+ // src/webhook/index.ts
21
+ var webhook_exports = {};
22
+ __export(webhook_exports, {
23
+ verifyStandardWebhook: () => verifyStandardWebhook
24
+ });
25
+ module.exports = __toCommonJS(webhook_exports);
26
+ var import_crypto = require("crypto");
27
+ var import_status = require("../error/status.cjs");
28
+ var WEBHOOK_TOLERANCE_IN_SECONDS = 5 * 60;
29
+ function verifyTimestamp(webhookTimestamp) {
30
+ const now = Math.floor(Date.now() / 1e3);
31
+ const timestamp = parseInt(webhookTimestamp, 10);
32
+ if (isNaN(timestamp)) {
33
+ throw import_status.Status.invalidArgument("invalid webhook timestamp").error();
34
+ }
35
+ if (timestamp < now - WEBHOOK_TOLERANCE_IN_SECONDS) {
36
+ throw import_status.Status.invalidArgument("webhook timestamp is too old").error();
37
+ }
38
+ if (timestamp > now + WEBHOOK_TOLERANCE_IN_SECONDS) {
39
+ throw import_status.Status.invalidArgument("webhook timestamp is too new").error();
40
+ }
41
+ return timestamp;
42
+ }
43
+ function verifyStandardWebhook(headers, payload, secret) {
44
+ const webhookId = headers["webhook-id"];
45
+ const webhookTimestamp = headers["webhook-timestamp"];
46
+ const webhookSignature = headers["webhook-signature"];
47
+ if (!webhookId || !webhookTimestamp || !webhookSignature) {
48
+ throw import_status.Status.invalidArgument("invalid webhook").error();
49
+ }
50
+ const timestamp = verifyTimestamp(webhookTimestamp);
51
+ const encoder = new TextEncoder();
52
+ const toSign = encoder.encode(`${webhookId}.${timestamp}.${payload}`);
53
+ const hmac = (0, import_crypto.createHmac)("sha256", Buffer.from(secret, "base64"));
54
+ const digest = hmac.update(toSign).digest();
55
+ const computedSignature = `v1,${Buffer.from(digest).toString("base64")}`;
56
+ const expectedSignature = computedSignature.split(",")[1];
57
+ const passedSignatures = webhookSignature.split(" ");
58
+ for (const versionedSignature of passedSignatures) {
59
+ const [version, signature] = versionedSignature.split(",");
60
+ if (version !== "v1") continue;
61
+ if ((0, import_crypto.timingSafeEqual)(encoder.encode(signature), encoder.encode(expectedSignature))) {
62
+ try {
63
+ return JSON.parse(payload);
64
+ } catch (_) {
65
+ console.error("invalid payload", payload);
66
+ throw import_status.Status.invalidArgument("invalid webhook payload").error();
67
+ }
68
+ }
69
+ }
70
+ console.error("webhook verification failed");
71
+ throw import_status.Status.invalidArgument("invalid webhook signature").error();
72
+ }
73
+ // Annotate the CommonJS export names for ESM import in node:
74
+ 0 && (module.exports = {
75
+ verifyStandardWebhook
76
+ });
77
+ //# sourceMappingURL=index.cjs.map
package/dist/webhook/index.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../src/webhook/index.ts"],"sourcesContent":["import { createHmac, timingSafeEqual } from 'crypto';\nimport { Status } from '../error/status';\n\nconst WEBHOOK_TOLERANCE_IN_SECONDS = 5 * 60; // 5 minutes\n\nfunction verifyTimestamp(webhookTimestamp: string) {\n const now = Math.floor(Date.now() / 1000);\n const timestamp = parseInt(webhookTimestamp, 10);\n if (isNaN(timestamp)) {\n throw Status.invalidArgument('invalid webhook timestamp').error();\n }\n if (timestamp < now - WEBHOOK_TOLERANCE_IN_SECONDS) {\n throw Status.invalidArgument('webhook timestamp is too old').error();\n }\n if (timestamp > now + WEBHOOK_TOLERANCE_IN_SECONDS) {\n throw Status.invalidArgument('webhook timestamp is too new').error();\n }\n return timestamp;\n}\n\n/**\n * reference: https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/javascript\n * hono usage:\n * ```ts\n * const webhook = verifyStandardWebhook(c.req.header(), await c.req.text(), 'secret');\n * ```\n */\nexport function verifyStandardWebhook<T = unknown>(\n headers: Record<string, string>,\n payload: string,\n secret: string\n): T {\n const webhookId = headers['webhook-id'];\n const webhookTimestamp = headers['webhook-timestamp'];\n const webhookSignature = headers['webhook-signature'];\n if (!webhookId || !webhookTimestamp || !webhookSignature) {\n throw Status.invalidArgument('invalid webhook').error();\n }\n const timestamp = verifyTimestamp(webhookTimestamp);\n\n const encoder = new TextEncoder();\n const toSign = encoder.encode(`${webhookId}.${timestamp}.${payload}`);\n const hmac = createHmac('sha256', Buffer.from(secret, 'base64'));\n const digest = hmac.update(toSign).digest();\n\n const computedSignature = `v1,${Buffer.from(digest).toString('base64')}`;\n const expectedSignature = computedSignature.split(',')[1];\n const passedSignatures = webhookSignature.split(' ');\n\n for (const versionedSignature of passedSignatures) {\n const [version, signature] = versionedSignature.split(',');\n if (version !== 'v1') continue;\n if (timingSafeEqual(encoder.encode(signature), encoder.encode(expectedSignature))) {\n try {\n return JSON.parse(payload) as T;\n } catch (_) {\n console.error('invalid payload', payload);\n throw Status.invalidArgument('invalid webhook payload').error();\n }\n }\n }\n console.error('webhook verification failed');\n throw Status.invalidArgument('invalid webhook signature').error();\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAA4C;AAC5C,oBAAuB;AAEvB,IAAM,+BAA+B,IAAI;AAEzC,SAAS,gBAAgB,kBAA0B;AACjD,QAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,QAAM,YAAY,SAAS,kBAAkB,EAAE;AAC/C,MAAI,MAAM,SAAS,GAAG;AACpB,UAAM,qBAAO,gBAAgB,2BAA2B,EAAE,MAAM;AAAA,EAClE;AACA,MAAI,YAAY,MAAM,8BAA8B;AAClD,UAAM,qBAAO,gBAAgB,8BAA8B,EAAE,MAAM;AAAA,EACrE;AACA,MAAI,YAAY,MAAM,8BAA8B;AAClD,UAAM,qBAAO,gBAAgB,8BAA8B,EAAE,MAAM;AAAA,EACrE;AACA,SAAO;AACT;AASO,SAAS,sBACd,SACA,SACA,QACG;AACH,QAAM,YAAY,QAAQ,YAAY;AACtC,QAAM,mBAAmB,QAAQ,mBAAmB;AACpD,QAAM,mBAAmB,QAAQ,mBAAmB;AACpD,MAAI,CAAC,aAAa,CAAC,oBAAoB,CAAC,kBAAkB;AACxD,UAAM,qBAAO,gBAAgB,iBAAiB,EAAE,MAAM;AAAA,EACxD;AACA,QAAM,YAAY,gBAAgB,gBAAgB;AAElD,QAAM,UAAU,IAAI,YAAY;AAChC,QAAM,SAAS,QAAQ,OAAO,GAAG,SAAS,IAAI,SAAS,IAAI,OAAO,EAAE;AACpE,QAAM,WAAO,0BAAW,UAAU,OAAO,KAAK,QAAQ,QAAQ,CAAC;AAC/D,QAAM,SAAS,KAAK,OAAO,MAAM,EAAE,OAAO;AAE1C,QAAM,oBAAoB,MAAM,OAAO,KAAK,MAAM,EAAE,SAAS,QAAQ,CAAC;AACtE,QAAM,oBAAoB,kBAAkB,MAAM,GAAG,EAAE,CAAC;AACxD,QAAM,mBAAmB,iBAAiB,MAAM,GAAG;AAEnD,aAAW,sBAAsB,kBAAkB;AACjD,UAAM,CAAC,SAAS,SAAS,IAAI,mBAAmB,MAAM,GAAG;AACzD,QAAI,YAAY,KAAM;AACtB,YAAI,+BAAgB,QAAQ,OAAO,SAAS,GAAG,QAAQ,OAAO,iBAAiB,CAAC,GAAG;AACjF,UAAI;AACF,eAAO,KAAK,MAAM,OAAO;AAAA,MAC3B,SAAS,GAAG;AACV,gBAAQ,MAAM,mBAAmB,OAAO;AACxC,cAAM,qBAAO,gBAAgB,yBAAyB,EAAE,MAAM;AAAA,MAChE;AAAA,IACF;AAAA,EACF;AACA,UAAQ,MAAM,6BAA6B;AAC3C,QAAM,qBAAO,gBAAgB,2BAA2B,EAAE,MAAM;AAClE;","names":[]}
package/dist/webhook/index.d.cts ADDED
@@ -0,0 +1,10 @@
1
+ /**
2
+ * reference: https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/javascript
3
+ * hono usage:
4
+ * ```ts
5
+ * const webhook = verifyStandardWebhook(c.req.header(), await c.req.text(), 'secret');
6
+ * ```
7
+ */
8
+ declare function verifyStandardWebhook<T = unknown>(headers: Record<string, string>, payload: string, secret: string): T;
9
+
10
+ export { verifyStandardWebhook };
package/dist/webhook/index.d.ts ADDED
@@ -0,0 +1,10 @@
1
+ /**
2
+ * reference: https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/javascript
3
+ * hono usage:
4
+ * ```ts
5
+ * const webhook = verifyStandardWebhook(c.req.header(), await c.req.text(), 'secret');
6
+ * ```
7
+ */
8
+ declare function verifyStandardWebhook<T = unknown>(headers: Record<string, string>, payload: string, secret: string): T;
9
+
10
+ export { verifyStandardWebhook };
package/dist/webhook/index.mjs ADDED
@@ -0,0 +1,52 @@
1
+ // src/webhook/index.ts
2
+ import { createHmac, timingSafeEqual } from "crypto";
3
+ import { Status } from "../error/status.mjs";
4
+ var WEBHOOK_TOLERANCE_IN_SECONDS = 5 * 60;
5
+ function verifyTimestamp(webhookTimestamp) {
6
+ const now = Math.floor(Date.now() / 1e3);
7
+ const timestamp = parseInt(webhookTimestamp, 10);
8
+ if (isNaN(timestamp)) {
9
+ throw Status.invalidArgument("invalid webhook timestamp").error();
10
+ }
11
+ if (timestamp < now - WEBHOOK_TOLERANCE_IN_SECONDS) {
12
+ throw Status.invalidArgument("webhook timestamp is too old").error();
13
+ }
14
+ if (timestamp > now + WEBHOOK_TOLERANCE_IN_SECONDS) {
15
+ throw Status.invalidArgument("webhook timestamp is too new").error();
16
+ }
17
+ return timestamp;
18
+ }
19
+ function verifyStandardWebhook(headers, payload, secret) {
20
+ const webhookId = headers["webhook-id"];
21
+ const webhookTimestamp = headers["webhook-timestamp"];
22
+ const webhookSignature = headers["webhook-signature"];
23
+ if (!webhookId || !webhookTimestamp || !webhookSignature) {
24
+ throw Status.invalidArgument("invalid webhook").error();
25
+ }
26
+ const timestamp = verifyTimestamp(webhookTimestamp);
27
+ const encoder = new TextEncoder();
28
+ const toSign = encoder.encode(`${webhookId}.${timestamp}.${payload}`);
29
+ const hmac = createHmac("sha256", Buffer.from(secret, "base64"));
30
+ const digest = hmac.update(toSign).digest();
31
+ const computedSignature = `v1,${Buffer.from(digest).toString("base64")}`;
32
+ const expectedSignature = computedSignature.split(",")[1];
33
+ const passedSignatures = webhookSignature.split(" ");
34
+ for (const versionedSignature of passedSignatures) {
35
+ const [version, signature] = versionedSignature.split(",");
36
+ if (version !== "v1") continue;
37
+ if (timingSafeEqual(encoder.encode(signature), encoder.encode(expectedSignature))) {
38
+ try {
39
+ return JSON.parse(payload);
40
+ } catch (_) {
41
+ console.error("invalid payload", payload);
42
+ throw Status.invalidArgument("invalid webhook payload").error();
43
+ }
44
+ }
45
+ }
46
+ console.error("webhook verification failed");
47
+ throw Status.invalidArgument("invalid webhook signature").error();
48
+ }
49
+ export {
50
+ verifyStandardWebhook
51
+ };
52
+ //# sourceMappingURL=index.mjs.map
package/dist/webhook/index.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../src/webhook/index.ts"],"sourcesContent":["import { createHmac, timingSafeEqual } from 'crypto';\nimport { Status } from '../error/status';\n\nconst WEBHOOK_TOLERANCE_IN_SECONDS = 5 * 60; // 5 minutes\n\nfunction verifyTimestamp(webhookTimestamp: string) {\n const now = Math.floor(Date.now() / 1000);\n const timestamp = parseInt(webhookTimestamp, 10);\n if (isNaN(timestamp)) {\n throw Status.invalidArgument('invalid webhook timestamp').error();\n }\n if (timestamp < now - WEBHOOK_TOLERANCE_IN_SECONDS) {\n throw Status.invalidArgument('webhook timestamp is too old').error();\n }\n if (timestamp > now + WEBHOOK_TOLERANCE_IN_SECONDS) {\n throw Status.invalidArgument('webhook timestamp is too new').error();\n }\n return timestamp;\n}\n\n/**\n * reference: https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/javascript\n * hono usage:\n * ```ts\n * const webhook = verifyStandardWebhook(c.req.header(), await c.req.text(), 'secret');\n * ```\n */\nexport function verifyStandardWebhook<T = unknown>(\n headers: Record<string, string>,\n payload: string,\n secret: string\n): T {\n const webhookId = headers['webhook-id'];\n const webhookTimestamp = headers['webhook-timestamp'];\n const webhookSignature = headers['webhook-signature'];\n if (!webhookId || !webhookTimestamp || !webhookSignature) {\n throw Status.invalidArgument('invalid webhook').error();\n }\n const timestamp = verifyTimestamp(webhookTimestamp);\n\n const encoder = new TextEncoder();\n const toSign = encoder.encode(`${webhookId}.${timestamp}.${payload}`);\n const hmac = createHmac('sha256', Buffer.from(secret, 'base64'));\n const digest = hmac.update(toSign).digest();\n\n const computedSignature = `v1,${Buffer.from(digest).toString('base64')}`;\n const expectedSignature = computedSignature.split(',')[1];\n const passedSignatures = webhookSignature.split(' ');\n\n for (const versionedSignature of passedSignatures) {\n const [version, signature] = versionedSignature.split(',');\n if (version !== 'v1') continue;\n if (timingSafeEqual(encoder.encode(signature), encoder.encode(expectedSignature))) {\n try {\n return JSON.parse(payload) as T;\n } catch (_) {\n console.error('invalid payload', payload);\n throw Status.invalidArgument('invalid webhook payload').error();\n }\n }\n }\n console.error('webhook verification failed');\n throw Status.invalidArgument('invalid webhook signature').error();\n}\n"],"mappings":";AAAA,SAAS,YAAY,uBAAuB;AAC5C,SAAS,cAAc;AAEvB,IAAM,+BAA+B,IAAI;AAEzC,SAAS,gBAAgB,kBAA0B;AACjD,QAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,QAAM,YAAY,SAAS,kBAAkB,EAAE;AAC/C,MAAI,MAAM,SAAS,GAAG;AACpB,UAAM,OAAO,gBAAgB,2BAA2B,EAAE,MAAM;AAAA,EAClE;AACA,MAAI,YAAY,MAAM,8BAA8B;AAClD,UAAM,OAAO,gBAAgB,8BAA8B,EAAE,MAAM;AAAA,EACrE;AACA,MAAI,YAAY,MAAM,8BAA8B;AAClD,UAAM,OAAO,gBAAgB,8BAA8B,EAAE,MAAM;AAAA,EACrE;AACA,SAAO;AACT;AASO,SAAS,sBACd,SACA,SACA,QACG;AACH,QAAM,YAAY,QAAQ,YAAY;AACtC,QAAM,mBAAmB,QAAQ,mBAAmB;AACpD,QAAM,mBAAmB,QAAQ,mBAAmB;AACpD,MAAI,CAAC,aAAa,CAAC,oBAAoB,CAAC,kBAAkB;AACxD,UAAM,OAAO,gBAAgB,iBAAiB,EAAE,MAAM;AAAA,EACxD;AACA,QAAM,YAAY,gBAAgB,gBAAgB;AAElD,QAAM,UAAU,IAAI,YAAY;AAChC,QAAM,SAAS,QAAQ,OAAO,GAAG,SAAS,IAAI,SAAS,IAAI,OAAO,EAAE;AACpE,QAAM,OAAO,WAAW,UAAU,OAAO,KAAK,QAAQ,QAAQ,CAAC;AAC/D,QAAM,SAAS,KAAK,OAAO,MAAM,EAAE,OAAO;AAE1C,QAAM,oBAAoB,MAAM,OAAO,KAAK,MAAM,EAAE,SAAS,QAAQ,CAAC;AACtE,QAAM,oBAAoB,kBAAkB,MAAM,GAAG,EAAE,CAAC;AACxD,QAAM,mBAAmB,iBAAiB,MAAM,GAAG;AAEnD,aAAW,sBAAsB,kBAAkB;AACjD,UAAM,CAAC,SAAS,SAAS,IAAI,mBAAmB,MAAM,GAAG;AACzD,QAAI,YAAY,KAAM;AACtB,QAAI,gBAAgB,QAAQ,OAAO,SAAS,GAAG,QAAQ,OAAO,iBAAiB,CAAC,GAAG;AACjF,UAAI;AACF,eAAO,KAAK,MAAM,OAAO;AAAA,MAC3B,SAAS,GAAG;AACV,gBAAQ,MAAM,mBAAmB,OAAO;AACxC,cAAM,OAAO,gBAAgB,yBAAyB,EAAE,MAAM;AAAA,MAChE;AAAA,IACF;AAAA,EACF;AACA,UAAQ,MAAM,6BAA6B;AAC3C,QAAM,OAAO,gBAAgB,2BAA2B,EAAE,MAAM;AAClE;","names":[]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@shware/http",
3
- "version": "1.2.0",
3
+ "version": "1.2.2",
4
4
  "private": false,
5
5
  "type": "module",
6
6
  "repository": {